Red Hat Bugzilla – Bug 915961
CVE-2013-0504 CVE-2013-0648 flash-plugin: multiple code execution flaws (APSB13-08)
Last modified: 2015-11-24 10:28:29 EST
Adobe security bulletin APSB13-08 describes multiple security flaws that could cause Adobe Flash Player to crash and potentially allow an attacker to take control of the affected system:
This update resolves a vulnerability in the ExternalInterface ActionScript feature, which can be exploited to execute malicious code (CVE-2013-0648).
This update resolves a buffer overflow vulnerability in a Flash Player broker service, which can be used to execute malicious code (CVE-2013-0504).
This issue has been addressed in following products:
Supplementary for Red Hat Enterprise Linux 5
Supplementary for Red Hat Enterprise Linux 6
Via RHSA-2013:0574 https://rhn.redhat.com/errata/RHSA-2013-0574.html